vlm-verifier

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The workflow includes the execution of a local Python script scripts/validate_fraud_report.py to programmatically verify the structure and compliance of the generated evaluation report before final output.
  • [PROMPT_INJECTION]: The skill ingests untrusted external data via user-uploaded documents and images for VLM/LLM analysis, creating a surface for indirect prompt injection.
  • Ingestion points: User-provided loan application materials (Workflow Step 0 in SKILL.md).
  • Boundary markers: Mandatory "read-before-write" verification steps and strict adherence to provided reference data.
  • Capability inventory: Local command execution (scripts/validate_fraud_report.py) for report validation.
  • Sanitization: Implements rigorous PII masking (ID numbers, bank accounts) and uses predefined structured templates for all outputs to prevent model context contamination.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 06:40 AM
Security Audit — agent-trust-hub — vlm-verifier